开发者

Why using clear text for Credit Card security code?

I'm curious about the reason why all most payment gateway site use clear text input to take security code.

Isn't it more secure if users put their security code in password mode textbox?

please give me enlight开发者_JAVA技巧enment on this


If you used a password box for this, who exactly are you hiding the security code from? Presumably the user has their credit card out, in their hand, and somebody looking over their shoulder can just see the number on the card instead of the screen.

Jakob Nielsen recently made a case to Stop Password Masking, that means for all password fields. Bruce Schneier added his opinion in his article The Pros and Cons of Password Masking. If there's discussion about whether password masking is relevant for password fields, I wouldn't even consider using it for CCV fields.

The password prompt in your OS for the wireless password probably has an option to "show password".


Hopefully, the data is transmitted using HTTPS. Using a password field might even make the browser prompt whether to save the value for later use, and hence might not make it more secure. (But then, you're right, using a plain text field might make the browser remember it as well.) At least plain text is easier for the user.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜